Wednesday, December 28, 2016

MIM 2016 RCDC Visible tag


Recently I was editing a user edit RCDC for MIM 2016 to allow a field to become visible by setting a Boolean attribute on the user object.

I originally used this blog for doing FIM work: 
https://identityminded.wordpress.com/2011/10/14/fim2010-semi-dynamic-rcdc-operations/ .  Quite helpful, but I noticed that it wasn't working anymore in MIM 2016.
 
The key to this working was in this tag.
my:Property my:Name="Required" my:Value="{Binding Source=object, Path=IsContractor, Mode=TwoWay}"
 
But I couldn't get it work as expected.  After trying a few different things I finally discovered that you have to put the Visible tag directly in the  my:Control tag.  So now it should look like this:
 
 my:Control my:Name="Company" my:TypeName="UocTextBox" my:Caption="{Binding Source=schema, Path=Company.DisplayName}" my:Description="{Binding Source=schema, Path=Company.Description}" my:Visible="{Binding Source=object, Path=IsContractor, Mode=TwoWay}"
Now it works like a charm!
 
 

Sunday, June 26, 2016

Custom approval workflow causes 'Access Denied' error

Recently I was setting up a MIM environment that does the most basic approval workflows.  Have a user create a contractor in the MIM Portal that requires manager approval.  After setting everything up I was getting Access Denied error with the following error - 'Object reference not set to an instance of the object'..  This worked in past FIM deployments so I wasn't sure what the deal was.

Thanks to Dan Malloy for pointing out this blog http://blog.predica.pl/fim-2010-authorization-workflow-fails-with-eventid-3/ which fixed the problem.

FYI if you change an OOB approval workflow, now it becomes custom and it will also change the .NET reference from 3.5 to 4.0 which may cause issues.  Switching it back to 3.5 should resolve the issue.

Saturday, March 19, 2016

Outlook 2016 and MIM2016 client extension resolved

My last post I was frustrated I could install the client extensions for MIM2016 on Outlook 2016.  Now there's a fix:  https://support.microsoft.com/en-us/kb/3134725
Thanks to Brian Desmond for pointing this out.

Friday, March 18, 2016

Outlook 2016 and MIM 2016 client extensions.

Was recently at a client site working on group management.  I discovered that the Outlook plug-in for MIM client extension is not supported on Outlook 2016. 

This is not noted anywhere on the MS web site, so now you know.  This is a bit disappointing, I'm hoping MS will do something about this soon.  I'm going to report it on the MS FIM forum shortly.

Update: There's a hotfix see next post.

Wednesday, December 23, 2015

Security for all is good

It's been discovered that Juniper Networks has been using a flawed encryption for years.  Possibly a result of NSA and/or a bug.  When it becomes easy for good guys to decrypt information for the sake of national security, it makes it just as easy for bad guys to decrypt.  Engineering secure systems without backdoors works for everybody.

Juniper backdoor

Monday, December 14, 2015

MIM 2016 and Exchange 2010: no-start-ma during AD export

I've recently been playing around with MIM 2016 and stood up an Exchange 2010 server within the environment.  Trying to provision to AD with Exchange functionality has proven difficult.  I would get no-start-ma in the MIM Sync console after the AD export.

When I removed the removed the exchange provisioning functionality in the MA extensions section, the export worked as expected. I was able to prove that I could connect to remote powershell so that didn't seem to be the issue yet I continue having the problem.  After googling around I ran across Thomas' blog in setspn.blogspot and found the same thing.

Resolution:
On the MIM sync server, install .Net 4.6.  Install all windows updates (including optional).  Reboot - I had to reboot twice as the FIM service wouldn't start the first time.  All seems to be working now.  Thanks for the info Thomas.

Monday, March 9, 2015

Updating Workday using .NET

The second post here will give you a good start how to update a user who's in Workday.  The community had zero examples how to do this, so you should find this helpful.

Read the earlier post regarding pre-reqs needed to connect to Workday using .NET.  This time I'll do it in VB.NET and the below code will update the email address.

/////////////////////////////

  empId = "12345"
             
                workerType = "Employee_ID"

                Dim emailValue As String = "jsmtih@company.com"
                Dim effectiveDate As Date = Now()

                Dim emailRequest As New Maintain_Contact_Information_for_Person_Event_RequestType()
                emailRequest.version = "v22.0"
                emailRequest.Add_Only = True

                emailRequest.Maintain_Contact_Information_Data = New Contact_Information_for_Person_Event_DataType()
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data = New Contact_Information_DataType()


                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data = New Email_Address_Information_DataType(0) {New Email_Address_Information_DataType()}

                emailRequest.Maintain_Contact_Information_Data.Worker_Reference = New WorkerObjectType()
                emailRequest.Maintain_Contact_Information_Data.Worker_Reference.ID = New WorkerObjectIDType(0) {New WorkerObjectIDType()}
                emailRequest.Maintain_Contact_Information_Data.Worker_Reference.ID(0).type = workerType
                emailRequest.Maintain_Contact_Information_Data.Worker_Reference.ID(0).Value = empId

                emailRequest.Maintain_Contact_Information_Data.Effective_Date = effectiveDate
                emailRequest.Maintain_Contact_Information_Data.Effective_DateSpecified = True

                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Email_Address = emailValue
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data = New Communication_Method_Usage_Information_DataType(0) {New Communication_Method_Usage_Information_DataType()}
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).[Public] = True

                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).PublicSpecified = True

                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data = New Communication_Usage_Type_DataType(0) {New Communication_Usage_Type_DataType()}
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).Primary = True

                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).PrimarySpecified = True

                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).Type_Reference = New Communication_Usage_TypeObjectType()
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).Type_Reference.ID = New Communication_Usage_TypeObjectIDType(0) {New Communication_Usage_TypeObjectIDType()}
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).Type_Reference.ID(0).type = "Communication_Usage_Type_ID"
                emailRequest.Maintain_Contact_Information_Data.Worker_Contact_Information_Data.Email_Address_Data(0).Usage_Data(0).Type_Data(0).Type_Reference.ID(0).Value = "WORK"




                Dim emailProxy As Human_ResourcesPortClient = CreateHumanResourcesProxy()

                Dim emailResponse As Maintain_Contact_Information_for_Person_Event_ResponseType

                Try
                    emailResponse = emailProxy.Maintain_Contact_Information(emailRequest)
                    Console.WriteLine("email update done")
                Catch fe As FaultException
                    If fe.Message.Contains("Invalid ID value.") Then
                        Try
                            Console.WriteLine("Email Update ERROR as Employee will try CW")
                            emailRequest.Maintain_Contact_Information_Data.Worker_Reference.ID(0).type = "Contingent_Worker_ID"
                            emailResponse = emailProxy.Maintain_Contact_Information(emailRequest)
                            Console.WriteLine("email update done")
                        Catch ex As Exception
                            Console.WriteLine("Email Update ERROR as CW also " + fe.Message)
                        End Try


                    End If
                    'Console.WriteLine("Email Update ERROR " + fe.Message)
                End Try

///////////////////////////////


Notice that in the Try/Catch section, I catch in case the update doesn't work as an Employee then I try again as a Contingent Worker.

The CreateHumanResourcesProxy function can be found in the earlier post.